23 Share your voice The Nike Adapt BB, a pair of self-tying shoes, are controlled through an app. Ariel Nunez / CNET I’m dribbling a basketball in one hand, with a phone in the other, adjusting the tightness on a pair of Nike’s Bluetooth-connected, self-tying Adapt BB sneakers on my feet. The futuristic shoes, which go on sale for $350 on Feb. 17, alternate between boa constrictor-tight and comfy slipper-loose as I toggle through the app like a child flicking a light switch for the first time. Goofing around, I try to grab my colleague’s phone so I can suffocate him via sneakers as we run around the basketball court at Nike’s headquarters in New York. All of a sudden, he isn’t trying to just play defense in basketball; he has to guard his phone, too. Athletic apparel companies like Nike, Under Armour and Puma may find themselves similarly on the defensive as they lead the charge to infuse technology into their sneakers. After all, the smarter the object, the more likely it is to be hacked. It’s a worrisome trend that industries are dealing with as they try to find the balance between adding convenience and protecting your privacy. Comments Nike’s Adapt BBs aren’t even the first pair of smart shoes. Under Armour has been making connected kicks for a while now — it’s on its fourth generation with its HOVR line, with an embedded chip that tracks your footsteps and running pace. Puma also entered the self-tying shoe world with the Puma Fit Intelligence line, which it announced Jan. 31. Nike and Under Armour say they’re taking data privacy and security seriously with their new shoes. Puma, which is expecting its self-tying sneakers release in 2020, didn’t offer details on its shoe security protocol. “On top of the Bluetooth security layers, we implemented a two-way authentication protocol to guarantee only the users’ device can control their shoes,” Nike said in a statement. “Players can play with confidence knowing that they, and only they, control their shoes.” Just for kicks As I’m walking around at the tightest setting available for the Adapt BBs, I think about how awful it would be if a star athlete was trapped in these shoes because of a hijacked phone. Or worse, if it were me! Admittedly, it’s an unlikely scenario. It’s only possible if somebody steals my phone and is within Bluetooth distance of the shoes. On top of the Adapt BB’s wireless security, the shoe is locked to the device you first paired it with. Even if someone else had your account information, they wouldn’t be able to log in from a distance and tighten your shoes from another phone, according to Nike. While Nike says it’s kept its connected sneakers safe from hackers, the concern is that as more companies try to make connected shoes, the chances of having a shoe eventually hacked will increase. “Nike has the size and resources to do this well,” said Andrew Tierney, a security researcher with Pen Test Partners. “I think the worry is about other vendors coming along. It could be the case that they would cut corners.” Tied up The Adapt BBs pair with Nike’s app through Bluetooth Low Energy, a connection protocol that’s often used in smart devices because it allows for longer battery life. The sneaker connection is encrypted, a Nike spokesman said. But Bluetooth Low Energy isn’t impervious. Security researchers have found issues with BLE chips that could have allowed hackers to spread malware across hospitals and factories. Several smart locks have been hacked over BLE, according to researchers. “BLE, in the last year, has shown to be hand-in-hand with bad security,” Tierney said. The security firm’s focus has been on products like locks and alarms, and fortunately, there’s a big difference between smart locks and sneakers when it comes to security via BLE. “With sneakers, you’re only going to have one person and one device paired to it. When you’re looking at a door lock, four to five people are supposed to be able to control it,” Tierney said. “It’s very easy to make Bluetooth pair to one device securely.” Soft ‘wear’ security With connected shoes, there are more concerns than just messing with your sneaker’s fit. These shoes are collecting data, like your steps, running pace and, in some cases, your height and weight. They’re using that data to make better sneakers, and also feeding it to artificial intelligence to offer you coaching tips for a better workout. Nike’s app will do more than just control the laces on your sneakers. The company wants to collect data through the app to help athletes with their performance. Nike “We are essentially putting a mobile research lab on the feet of athletes all over the world, and creating a whole new frontier to accelerate both product development and sports science,” Michael Donaghu, Nike’s vice president of innovation, said at an event last month. It makes sense that people are willing to share information with fitness apps, which they downloaded to help them live healthier lives. But the apps can’t help unless you hand over information like your diet and exercise routine. “Even with all of the privacy breach issues, consumers are still willing to give information,” Cleary said. “You just gotta show them what they get in return.” It means trusting companies like Nike and Under Armour with your workout information, the same way that Facebook and Google hope you trust them with data about your social life. Unlike social networks, though, sneaker companies aren’t looking to make money off of your data — at least directly. Under Armour’s privacy policy allows it to share your data for advertising and marketing purposes, and when you run, it can share your location data with third parties for personalized ads, with consent. App worries Nike and Under Armour say they have no plans to sell or share the information they collect with third parties. But just because they don’t have plans to share that data doesn’t mean it can’t be stolen. Last March, Under Armour said its MyFitnessPal app had been hacked, with thieves stealing data including usernames, email addresses and hashed passwords, from 150 million accounts. Inside the shoebox for Under Armour’s new line of HOVR sneakers, which have a chip inside that tracks your steps and running activity. Alfred Ng / CNET To use the connected footwear features on Under Armour’s new HOVR sneakers, you need to make an account and connect it with their the MapMyRun app, which has 260 million users. The app doesn’t have two-factor authentication, a standard security feature for protecting accounts from hackers. “We continually evaluate the privacy and security of our apps with keen attention to current privacy and security industry standards,” a company spokeswoman said in a statement. So even if the sneakers themselves are properly secured, the apps are another risk that come with connected shoes. “We’ve seen this with fitness-tracking apps. There’s lots of things where the actual device is secure, but the cloud service behind it is awful,” Tierney said. “There’s potential for abuse there.” Security: Stay up-to-date on the latest in breaches, hacks, fixes and all those cybersecurity issues that keep you up at night. Blockchain Decoded: CNET looks at the tech powering bitcoin — and soon, too, a myriad services that will change your life. Being aware of the potential security risks is even more critical for fitness apps, considering that people are more likely to share sensitive information like location, running routes and health routines. Fitness tracker Strava’s “Global Heatmap” had a privacy fiasco a year ago when it was revealing exercise routes around secret US military positions. “These manufacturers are going to be subject to the same issues that our social networks are now under the microscope of,” said Brian Cleary, vice president of marketing at RedPoint Global, a customer data company. And while people will be buying smart sneakers for tech features like self-tying laces, the future is in the apps, Nike executives say. “In the future, the app will be that bridge to the powered athlete,” said Jordan Rice, Nike’s director of smart systems engineering. Once you put a device online, you’re introducing a new opportunity for attacks, whether it’s a Nest Camera blaring alarms or your smart TV playing a PewDiePie promotional clip. And shoes are hardly the first thing to go “smart” — there’s everything from litter boxes to weights and pillows. We are essentially putting a mobile research lab on the feet of athletes all over the world. Michael Donaghu, Nike’s vice president of innovation Now playing: Watch this: 4:36 Wearable Tech Security Tags Nike’s self-lacing sneaker will be worn in the NBAread more

Donald Trump, Kim Jong-UnUS president Donald Trump said Saturday that diplomatic efforts with North Korea have consistently failed, adding that “only one thing will work.”Trump has engaged in an escalating war of words with North Korean strongman Kim Jong-Un, trading insults amid rising tensions between the two nuclear-armed rivals.”Presidents and their administrations have been talking to North Korea for 25 years, agreements made and massive amounts of money paid,” Trump tweeted.It “hasn’t worked, agreements violated before the ink was dry, makings fools of US negotiators. Sorry, but only one thing will work!”Trump returned to the theme when he appeared on former governor Mike Huckabee’s show on Trinity Broadcasting Network television on Saturday, blaming previous administrations for not having adequately addressed the issue before.This “should have been handled 25 years ago, it should have been handled 10 years ago, it should haven been handled during the Obama administration,” the president said, referring to his Democratic predecessor Barack Obama.The US has not ruled out the use of force to compel Pyongyang to halt missile and nuclear tests, and Trump has threatened to destroy the country.The mercurial American president also told journalists at a recent gathering with military leaders to discuss Iran, North Korea and the Islamic State group that the current period “could be the calm before the storm,” declining to clarify his remarks.In recent days, as Secretary of State Rex Tillerson flew home from meeting with top Chinese officials, Trump tweeted that his envoy was “wasting his time” in trying to probe North Korea’s willingness to talk.- Insults and threats -The message came after Tillerson had revealed there were backchannels between US and North Korean officials.Secretary of Defence James Mattis later expressed support for the diplomatic track in testimony before the Senate Armed Services Committee.”The Defense Department supports fully Secretary Tillerson’s efforts to find a diplomatic solution, but remains focused on defense of the United States and our allies,” Mattis said.In his debut speech at the United Nations General Assembly, Trump threatened to “totally destroy” North Korea if it threatens the US or any of its allies, deriding Kim as “Rocket Man” and warning he is on a “suicide mission.”Kim responded by calling Trump a “mentally deranged dotard.”Trump’s administration has also been at the forefront of a drive to impose a series of sanctions against North Korea in response to its sixth nuclear test — the largest yet — and the firing of two missiles over Japan.North Korea’s main economic partner China has signed up to the sanctions, including restrictions on imports, as has Russia.The United States fought a bloody conflict in Korea from 1950-1953 that ultimately ended in stalemate and the continued division of the peninsula after hundreds of thousands of Chinese troops entered on the side of the north, turning it into a war of attrition.A renewed military conflict on the Korean peninsula would come with devastating consequences: in addition to its nuclear weapons, North Korea has a conventional arsenal that could wreak havoc on the South Korean capital Seoul, which is located near the “demilitarized zone” dividing the two countries.read more